Add extra logging to signature filter check

hibernate · Oct 23, 2024 · c21ba57 · c21ba57
1 parent c274907
commit c21ba57
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/...in/java/org/hibernate/infra/replicate/jira/service/validation/RequestSignatureFilter.java b/...in/java/org/hibernate/infra/replicate/jira/service/validation/RequestSignatureFilter.java
@@ -21,6 +21,7 @@
 import org.jboss.resteasy.reactive.server.ServerRequestFilter;
 import org.jboss.resteasy.reactive.server.WithFormRead;
 
+import io.quarkus.logging.Log;
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.inject.Inject;
 import jakarta.ws.rs.container.ContainerRequestContext;
@@ -63,13 +64,15 @@ public Response checkSignature(ContainerRequestContext requestContext) throws IO
 			String signature = requestContext.getHeaderString("x-hub-signature");
 
 			if (signature == null || !requestContext.hasEntity()) {
+				Log.warnf("Rejecting a web hook event because of the missing signature. Posted to %s", path);
 				return Response.status(401).entity("Invalid request. Missing x-hub-signature header.").build();
 			}
 			try (InputStream entityStream = requestContext.getEntityStream()) {
 				byte[] payload = entityStream.readAllBytes();
 
 				final String calculatedSignature = sign(mac, payload);
 				if (!calculatedSignature.equals(signature)) {
+					Log.warnf("Rejecting a web hook event because of the signature mismatch. Posted to %s", path);
 					return Response.status(401).entity("Signatures do not match.").build();
 				}
 				requestContext.setEntityStream(new ByteArrayInputStream(payload));